Skip to Main content Skip to Navigation
Journal articles

Fault Rate Analysis: Breaking Masked AES Hardware Implementations Efficiently

An Wang 1, 2 Man Chen 3 Zongyue Wang 3 Xiaoyun Wang 1, 2 
2 CRYPT - Cryptanalyse
LIAMA - Laboratoire Franco-Chinois d'Informatique, d'Automatique et de Mathématiques Appliquées, Inria Paris-Rocquencourt
Abstract : In 2011, Li presented clockwise collision analysis on nonprotected Advanced Encryption Standard (AES) hardware implementation. In this brief, we first propose a new clockwise collision attack, called fault rate analysis (FRA), on masked AES. Then, we analyze the critical and noncritical paths of the S-box and find that, for its three input bytes, namely, the input value, the input mask, and the output mask, the path relating to the output mask is much shorter than those relating to the other two inputs. Therefore, some sophisticated glitch cycles can be chosen such that the values in the critical path of the whole S-box are destroyed but this short path is not affected. As a result, the output mask does not offer protection to the S-box, which leads to a more efficient attack. Compared with three attacks on masking countermeasures at the Workshop on Cryptographic Hardware and Embedded Systems 2010 and 2011, our method only costs about 8% of their time and 4% of their storage space.
Document type :
Journal articles
Complete list of metadata
Contributor : Phong Q. Nguyen Connect in order to contact the contributor
Submitted on : Wednesday, December 25, 2013 - 10:00:45 AM
Last modification on : Friday, January 21, 2022 - 3:15:22 AM




An Wang, Man Chen, Zongyue Wang, Xiaoyun Wang. Fault Rate Analysis: Breaking Masked AES Hardware Implementations Efficiently. IEEE Transactions on Circuits and Systems Part 2 Analog and Digital Signal Processing, Institute of Electrical and Electronics Engineers (IEEE), 2013, 60 (8), pp.517-521. ⟨10.1109/TCSII.2013.2268379⟩. ⟨hal-00922227⟩



Record views